harsini opened a new issue, #41153:
URL: https://github.com/apache/superset/issues/41153
### Bug description
## Bug Description
When deploying Apache Superset using the official Helm chart, authentication
breaks when configuration is provided via `configOverrides` helm value.
Without `configOverrides`, everything works correctly.
Adding `configOverrides` provided in this report, authentication fails and
APIs behave as if the user is anonymous.
Issue starts in Superset **6.1.0**. Superset **6.0.0 works fine**.
---
## To Reproduce
### Working deployment
Install Superset with default Helm values (no `configOverrides`).
Result:
- `/api/v1/security/login` returns valid JWT
- `/api/v1/me/` returns authenticated user
- dashboards load correctly
---
### Broken deployment
Add this to `values.yaml`:
```python
configOverrides:
superset: |
RATELIMIT_STORAGE_URI = CACHE_REDIS_URL
FEATURE_FLAGS = {
"EMBEDDED_SUPERSET": True,
"DASHBOARD_RBAC": True,
}
GUEST_ROLE_NAME = env("SUPERSET_GUEST_ROLE_NAME", "EmbeddedAnalyzer")
GUEST_TOKEN_JWT_SECRET = env("GUEST_TOKEN_JWT_SECRET")
PUBLIC_ROLE_LIKE = "Public"
X_FRAME_OPTIONS = "NONE"
TALISMAN_CONFIG = {
"force_https": True,
"force_https_permanent": True,
"frame_options": None,
"content_security_policy": {
"frame-ancestors": ["'self'", "https://*.mydomain.com";],
},
}
ENABLE_PROXY_FIX = True
```
Deploy:
```bash
helm upgrade --install superset apache/superset -f values.yaml
```
---
## Observed behavior
- `/api/v1/security/login` succeeds
- JWT token is issued
- `/api/v1/me/` returns:
```json
{
"result": {
"is_active": false,
"is_anonymous": true
}
}
```
OR returns `401 Unauthorized`
- dashboards return empty results
---
## Expected behavior
Same config should work whether:
- applied via Helm `configOverrides`, OR
- added manually to `superset_config.py` secret after deployment
---
## Important finding
If I:
1. Deploy without `configOverrides`
2. Manually patch `superset-config` secret and add the config at the end of
`superset_config.py` data
3. Restart pods
➡️ Everything works fine
---
## Environment
- Superset: 6.1.0
- Helm chart: official Superset chart
- Kubernetes: DOKS
---
## Notes
This started in Superset 6.1.0.
Same setup works in 6.0.0.
### Screenshots/recordings
_No response_
### Superset version
master / latest-dev
### Python version
3.9
### Node version
16
### Browser
Chrome
### Additional context
_No response_
### Checklist
- [ ] I have searched Superset docs and Slack and didn't find a solution to
my problem.
- [ ] I have searched the GitHub issue tracker and didn't find a similar bug
report.
- [ ] I have checked Superset's logs for errors and if I found a relevant
Python stacktrace, I included it here as text in the "additional context"
section.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
